3198 Owasp Jobs - Page 9

Key Responsibilities Technical Leadership Lead Python development teams on enterprise-grade projects Own and drive architectural decisions and code quality Conduct design and code reviews, and ensure adherence to best practices Backend Development Build and maintain robust, scalable backend services using Python frameworks (Django, FastAPI, Flask) Design APIs, background workers, and data pipelines Team Mentoring Mentor and guide junior and mid-level developers Provide training, performance feedback, and career guidance DevOps and Deployment Work with DevOps to define CI/CD pipelines and deployment strategies Collaborate on containerization using Docker, orchestration with Kubernetes Client and Stakeholder Interaction Translate business requirements into technical solutions Participate in client calls for requirement gathering, demos, and feedback sessions Required Skills 7+ years of Python development experience Strong command over frameworks like Django, FastAPI, Flask Proven experience in API development and integration (REST, GraphQL) Experience with relational (PostgreSQL, MySQL) and NoSQL (MongoDB, Redis) databases Solid understanding of system architecture, design patterns, and scalability Familiarity with asynchronous programming (e.g., Celery, asyncio) Hands-on experience with Docker, Git, and CI/CD pipelines Exposure to cloud platforms (AWS/GCP/Azure) Good understanding of security best practices (OWASP, data protection) Preferred Skills Experience with AI/ML pipelines, data engineering, or microservices Prior experience in leading Agile/Scrum teams Familiarity with front-end technologies (React/Angular) is a plus Contributions to open-source projects or technical blogs Soft Skills Strong problem-solving and decision-making abilities Excellent communication and stakeholder management skills Ability to multitask and manage priorities in a fast-paced environment Team-oriented with a proactive and collaborative approach

Job Overview: We are looking for a talented and experienced Application Security Engineer to join our team. The ideal candidate will have a strong understanding of application security standards, tools, and methodologies and will be responsible for conducting security assessments, penetration testing, and vulnerability analysis for web and mobile applications. This role requires hands-on experience with both automated and manual testing tools, familiarity with security mechanisms, and a commitment to improving the overall security posture of the organization. Key Responsibilities: • Conduct security assessments for both web and mobile applications. • Perform vulnerability assessments and penetration tests using tools such as Burp Suite Pro, AppScan, Veracode, Fortify, WebInspect, Acunetix, etc. • Leverage mobile application testing tools like Drozer, Xposed, MobSF, SSLTrustKiller, Frida, apktool, dex2jar, jadx, and IDA for iOS and Android applications. • Conduct thorough testing of APIs to identify security flaws. • Utilize OWASP and SANS standards to guide security practices. • Stay up to date with the latest security testing tools, techniques, and ethical hacking methodologies. • Compile and present risk-based findings to stakeholders, providing detailed reports and suggesting appropriate mitigations. • Provide expertise on penetration testing methodologies, including black box, grey box, and white box testing. • Demonstrate proficiency with common penetration testing tools such as nmap, Wireshark, Kali Linux, Metasploit, OpenVAS, OWSAP ZAP, Accunetix, Nikto, Nessus, and sqlmap. • Assist development teams with implementing penetration tests as part of the Secure Software Development Life Cycle (Secure SDLC). • Create and refine security checklists tailored to organizational needs. • Ensure continuous security improvement by making suggestions for system and process enhancements. • Experience working with SaaS, IaaS, and PaaS environments, helping integrate and optimize security technologies and processes. Skills and Qualifications: • Proficiency with OWASP Top 10 and SANS security standards. • Strong experience in using security assessment tools, including both static (SAST) and dynamic (DAST) application security testing tools. • Hands-on experience with mobile application security testing and mobile-specific vulnerabilities. • Proficient with web technologies such as J2EE, XML, JSON, SOAP, REST, and AJAX. • Basic programming knowledge in Java, JavaScript, and SQL. • Familiarity with encryption, authentication, and authorization techniques for secure software development. • Experience in automating security testing using scripting languages like Python, Bash, or Java. • Knowledge of network security and vulnerability assessment practices. • Experience in Secure Code Review and identifying vulnerabilities in the source code. • Strong understanding of various security techniques and risk assessment processes. Certifications: • Certified Ethical Hacker (CEH) or equivalent certifications related to application security. Desired Competencies: • OWASP, Burp Suite, Web Application Security, Acunetix, Vulnerability Assessment, Network Security, Mobile Application Security. • Proficient in Secure Code Review, Python, Bash, Java, and Automation scripting.

Key Job Responsibilities: VOC - VI (Vulnerability Intelligence) & ASM (Attack Surface Management) Analyst Environment / Context Saint Gobain, world leader in the habitat and construction market, is one of the top 100 global industrial groups. Saint-Gobain is present in 68 countries with 171 000 employees. They design, manufacture and distribute materials and solutions which are key ingredients in the wellbeing of each of us and the future of all. They can be found everywhere in our living places and our daily life: in buildings, transportation, infrastructure and in many industrial applications. They provide comfort, performance and safety while addressing the challenges of sustainable construction, resource efficiency and climate change . Saint-Gobain GDI Grou pe (250 persons at the head office, including 120 that are internal) is responsible for defining, setting up and managing the Group's Information Systems (IS) and Telecom policy with its 1,000 subsidiaries in 6,500 sites worldwide. The GDI Groupe also carries the common means (infrastructures, telecoms, digital platforms, cross-functional applications ). IN DEC, the IT Development Centre of Saint-Gobain, is an entity with a vision to leverage India’s technical skills in the Information Technology domain to provide timely, high-quality and cost-effective IT solutions to Saint-Gobain businesses globally. Within the Cybersecurity Department, the Cybersecurity Vulnerability Operations Cen ter mission is to Identify, assess and confirm vulnerability and threats that can affect the Group. The CyberVOC teams are based out of Paris and Mumbai and consist of skilled persons working in different Service Lines . Mission The VOC VI & ASM Analyst will be part of a team responsible for monitoring and identifying vulnerabilities as well as proactively assessing their threat with regards to Saint-Gobain context. The team also provides comprehensive feedback and guidance on detected vulnerabilities to assist Security Officers and Application Manager on the remediationpart. This role takes a holistic approach to identifying newly published vulnerabilities and contextualizing them to Saint-Gobain environment as well as tracking potential external entry points to Saint-Gobain systems anddata. The VOC VI & ASM Analyst is responsible for: Vulnerability Intelligence (VI): Monitor new vulnerabilities and assess their criticality and risk severity based on threat, exploit availability, ease of exploit, impact, …Communicate and publish an assessment on vulnerabilities related to software used in Saint-Gobain's scope Maintain timely, high-quality vulnerability bulletins, prioritizing issues against the Group’s asset exposure Update on a regular basis our software inventory in the scope of Vulnerability Assessment Service Keep the vulnerability database up to date; enrich each CVE and security bulletin with QDS, EPSS, CVSS metrics, … Attack Surface Management (ASM): Operate continuous monitoring of external assets via ASM Security tools Update on a regular basis the coverage of ASM tools, by adding known domains and IP ranges belonging to Saint-Gobain Assess the severity of the findings and confirm their presence (review, challenge, FP assessment, …) Track and report exposure trends; escalate high-risk findings to Blue-Team remediation owners Build and use the external footprint to proactively identify new threats and new vulnerabilities Leverage ASM tools to proactively identify external assets subject to newly published vulnerabilities BlackBox Pentesting: Drive proactive follow-up on detected vulnerabilities, engaging system owners and tracking remediationto closure Active follow up with Application managers to onboard new application in the BlackBox Pentesting service Pentest launch Contract follow-up Tools follow up and maintenance Vulnerability Management:Vulnerability review, recategorization, and false positive identification Proactive vulnerability testingand replayPre-analyze and consolidate vulnerability data from various scanning tools Prepare concise syntheses of available vulnerabilities Offer guidance to the SO and CISO on vulnerabilities Collaborate with key stakeholders to develop strategies for vulnerability management Scripting and automation:Automate data extraction and data push from VI and ASM tools to DataLake tools Build automation workflows to streamline vulnerability identification, assessment, and reporting Collaborate with the offensive and defensive teams to enhance vulnerability assessmentand t esting Skills and Qualifications Bachelor's degree in Computer Science, Information Security, EXTC or related field; relevant certifications (e.g., CISSP, CCSP, CompTIA Security+) are a plusProven experience (6+ years) working within the Cybersecurity field, with emphasis on security platform implementation & administration Experience on Penetration testing actions (web application, infrastructure, …) Experience with security scanning tools Experience with VI and ASM tools Experience in investigating newly published vulnerabilities and assessing their risks and severity Experience with scripting languages (e.g., Python, Bash, Powershell, C#, …) for automation and customization of security processes is a plus Experience with Pentester tools (Burp, SQLmap, Metasploit, Kali environment, …) Strong technical skills with an interest in open-source intelligence investigations Knowledge of NIST CVE database, OWASP Top 10, Microsoft security bulletins Excellent writing skills in English and ability to communicate complicate technical challenges in a business language to a range ofstakeholders. Personal Skills Has a systematic, disciplined, and analytical approach to problem solving with Thorough leadership skills & experience Excellent ability to think critically under pressure Strong communication skills to convey technical concepts clearly to both technical and non-technical stakeholders Willingness to stay updated with evolving cyber threats, technologies, and industry trends Capacity to work collaboratively with cross-functional teams, developers, and management to implement robust security measures Additional Information The position is based in Mumbai (India)

About the role As a Senior Cyber Security Partner; you will transform the security maturity of key product areas and teams. You will be the face of security group for them. Everything you do is in the context of the product; roadmap; its risk acceptance level; the technology stack; and its architecture. You build a comprehensive understanding of the threat landscape and its potential risks to the business. Through effective partnership; you engage the leadership to make well-informed decisions about security and privacy. You will be responsible for Following our Business Code of Conduct and always acting with integrity and due diligence and have these specific risk responsibilities: • Provide product and engineering teams with direction and guidance on all security matters. There is a whole security group to back you up; so it is not as scary as it sounds. • Engage engineering leadership on security roadmap and oversee security posture of what they build. • Co-own the security roadmap; discuss; prioritise; and co-develop plans for remediation for the product areas. • Empower security champions to succeed and creating a strong feedback loop for improvements. • Represent security in all product and architecture meet-ups. Be part of critical decisions about security. • Oversee product security activities; from the early development of security requirements; architecture reviews; and threat modelling; to strengthening application security; mitigating supply-chain risks; securing secrets; pipelines; reviewing vulnerabilities; and infrastructure security. • Perform security architecture reviews of third-party services. • Identify acceptable risk levels and assist with action plan; policy; and procedural changes for risk mitigation. • Adopt a risk-based approach and guide management in identifying business risks and potential impact to Tesco. Continuously seek both tactical and strategic solutions to enhance security. • As the security expert for the product area; engage across the security group to strengthen controls across identification; protection; detection; response; and recovery. • Oversee assurance activities like security testing; purple testing; assurance; auditing. • Reduce security fatigue for engineering and provide faster feedback within existing developer workflows; not adding another tool for them to check. • Empower the teams you work with; but also challenge the status-quo. • As a senior member of the team; engage across the security group on new ideas and initiatives. • Contribute to strengthen organisation standards and policies; develop cookbooks; secure patterns; take part in security research and tool evaluations. • You are committed to continuous improvement; seizing opportunities; and inspire change for the team. • Mentor others in the team and take part in enhancing their skills and career development. You will need To excel in this position, we expect you to have the following: • Possess experience across multiple sectors and have undertaken diverse roles in engineering and security. Demonstratable accomplishments of collaborating with leadership and management on security programmes and initiatives. • Good knowledge of various security domains, and solid experience in architecture practices and design patterns – the technology might have changed but most of the security challenges have not. • Experience in designing security and privacy controls with sound understanding of standards and regulation. • Experience in threat modelling, attack trees, vulnerability chaining, applying MITRE ATT&CK framework. • Good understanding of web applications, REST APIs, micro services, eventing, modern application frameworks, and mobile apps. • Good understanding of software architecture, network topologies, SaaS, PaaS, IaaS (infrastructure as a service). • Proficient in applying industry standards such as OWASP ASVS (Application Security Verification Standard), OWASP Top 10, CIS (Centre of Internet Security) controls and benchmarks. • Experience with cloud native and hybrid architectures with an emphasis on containerised workloads and Kubernetes. • Some development experience is always a plus - Java, cloud, Golang, python. You do not need to “be a developer” but we need you to understand the implications of security on engineering velocity. • Degree in computer science / information systems or engineering field, or equivalent experience. • Experience with regulations like GDPR (General Data Protection Regulation), PCI-DSS is desirable. • Azure or AWS (Amazon Web Services) cloud security certifications is desirable. • Excellent interpersonal skills and leadership skills. Whats in it for you? At Tesco, we are committed to providing the best for you. As a result, our colleagues enjoy a unique, differentiated, market- competitive reward package, based on the current industry practices, for all the work they put into serving our customers, communities and planet a little better every day. Our Tesco Rewards framework consists of pillars - Fixed Pay, Incentives, and Benefits. Total Rewards offered at Tesco is determined by four principles -simple, fair, competitive, and sustainable. · Salary - Your fixed pay is the guaranteed pay as per your contract of employment. · Leave & Time-off - Colleagues are entitled to 30 days of leave (18 days of Earned Leave, 12 days of Casual/Sick Leave) and 10 national and festival holidays, as per the company’s policy. · Making Retirement Tension-FreeSalary - In addition to Statutory retirement beneets, Tesco enables colleagues to participate in voluntary programmes like NPS and VPF. · Health is Wealth - Tesco promotes programmes that support a culture of health and wellness including insurance for colleagues and their family. Our medical insurance provides coverage for dependents including parents or in-laws. · Mental Wellbeing - We offer mental health support through self-help tools, community groups, ally networks, face-to-face counselling, and more for both colleagues and dependents. · Financial Wellbeing - Through our financial literacy partner, we offer one-to-one financial coaching at discounted rates, as well as salary advances on earned wages upon request. · Save As You Earn (SAYE) - Our SAYE programme allows colleagues to transition from being employees to Tesco shareholders through a structured 3-year savings plan. Our green campus promotes physical wellbeing with facilities that include a cricket pitch, football field, badminton and volleyball courts, along with indoor games, encouraging a healthier lifestyle. About Us Tesco in Bengaluru is a multi-disciplinary team serving our customers, communities, and planet a little better every day across markets. Our goal is to create a sustainable competitive advantage for Tesco by standardising processes, delivering cost savings, enabling agility through technological solutions, and empowering our colleagues to do even more for our customers. With cross-functional expertise, a wide network of teams, and strong governance, we reduce complexity, thereby offering high-quality services for our customers. Tesco in Bengaluru, established in 2004 to enable standardisation and build centralised capabilities and competencies, makes the experience better for our millions of customers worldwide and simpler for over 3,30,000 colleagues Tesco Technology Today, our Technology team consists of over 5,000 experts spread across the UK, Poland, Hungary, the Czech Republic, and India. In India, our Technology division includes teams dedicated to Engineering, Product, Programme, Service Desk and Operations, Systems Engineering, Security & Capability, Data Science, and other roles. At Tesco, our retail platform comprises a wide array of capabilities, value propositions, and products, essential for crafting exceptional retail experiences for our customers and colleagues across all channels and markets. This platform encompasses all aspects of our operations – from identifying and authenticating customers, managing products, pricing, promoting, enabling customers to discover products, facilitating payment, and ensuring delivery. By developing a comprehensive Retail Platform, we ensure that as customer touchpoints and devices evolve, we can consistently deliver seamless experiences. This adaptability allows us to respond flexibly without the need to overhaul our technology, thanks to the creation of capabilities we have built.

About smallcase smallcase is on a mission to change how India & Indians invest. We build products & tools for individuals to invest better in stocks & ETFs and platforms & infrastructure for the industry to offer better investment products. Our user community is 6,50,000+ strong & we work with the largest financial brands in India like HDFC, Kotak, Edelweiss, IIFL & more About The Role We are seeking a passionate and proactive Security Engineer to join our team. You will play a critical role in ensuring the security of our infrastructure, applications, and overall environment. In This Role, You Will Be responsible for managing security across smallcase. Regularly check and test our applications and systems for security issues. Develop tools and practices to safeguard our applications. Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines. Track and address vulnerabilities, providing clear instructions for fixing issues. Assist in investigating, analyzing, and responding to security incidents related to applications. You Might Thrive In This Role If You Have at least 2 years of proven experience as a Security Engineer or similar role. Have practical knowledge of web application security, secure coding, threat assessment, and incident management. Understand cloud systems and how to keep them secure. Are comfortable using programming languages like Javascript, Python, or GO and familiar with security tools (e.g., Burp Suite, OWASP ZAP) and encryption techniques. Important: For the best chance of getting shortlisted, please share your Blogs, CTF writeups, or any security research publications that demonstrate your expertise and passion for security. We look forward to your application!

Flawit InfoSec Services Flawit InfoSec Services is a cybersecurity firm delivering comprehensive, end-to-end security solutions to enterprises, startups, and government organizations. Our core expertise includes vulnerability assessment and penetration testing (VAPT), red teaming, security operations center (SOC) implementation, risk and compliance advisory, cloud and DevSecOps security, identity and access management (IAM), and more. With a client-first approach, our certified professionals apply global frameworks like OWASP, NIST, and MITRE ATT&CK to secure digital environments and build long-term resilience against evolving threats. Role – Penetration Tester (On-site, Nashik) We are looking for a skilled Penetration Tester to join our team and lead offensive security engagements across diverse environments. The role involves simulating real-world attacks, identifying security flaws, and helping clients strengthen their cybersecurity posture through hands-on testing and tailored recommendations. Key Responsibilities: Conduct detailed vulnerability assessments and penetration tests on web applications, mobile apps, APIs, networks, wireless environments, cloud infrastructure, and thick client systems Perform red teaming exercises, social engineering assessments, and adversary simulations Reverse engineer malware and binaries to identify behavior and possible countermeasures Conduct secure code reviews to detect logic flaws, insecure implementations, and potential backdoors Prepare in-depth technical and executive reports, outlining vulnerabilities, impact, and remediation strategies Communicate findings to internal teams and client stakeholders, and support remediation discussions Develop custom scripts and tools to automate or enhance testing methodologies Stay updated with emerging threats, vulnerabilities, and attack vectors through continuous research Required Skills and Qualifications: Proven experience in web and mobile application penetration testing (OWASP Top 10, API Security) Proficient in tools such as Burp Suite, Metasploit, Nmap, Nessus, Nikto, sqlmap, Wireshark, and Dirbuster Understanding of red team operations, adversary tactics, and MITRE ATT&CK framework Hands-on knowledge of reverse engineering and malware analysis Familiarity with cloud platform security (AWS, Azure, GCP) and DevSecOps pipelines Good understanding of network protocols, operating system internals, and scripting languages (Python, Bash, PowerShell) Ability to write detailed documentation and deliver concise, clear reports to technical and non-technical audiences Bachelor's degree in Cybersecurity, Computer Science, or a related field Relevant certifications are a plus (OSCP, OSEP, OSCE, CRTP, eJPT, CEH, etc.)

Senior Cyber Security Partner Location: Hybrid at Bengaluru, Karnataka, India Experience - 6-11 years Roles and Responsibilities Collaborate closely with cross-functional teams to integrate security practices into the product lifecycle, ensuring robust application security. Lead efforts in threat modeling, risk analysis, and security code reviews to discover and mitigate vulnerabilities early in the development process. Develop and enforce security guidelines and standards to enhance overall product security, staying updated with the latest security technologies and trends. Design and implement security architectures that align with industry best practices and organizational requirements, ensuring scalable and secure applications. Act as a subject matter expert in security architecture, providing strategic guidance and mentorship to the junior team members and stakeholders. Drive incident response initiatives and coordinate with relevant teams to swiftly address and remediate security incidents, ensuring minimal disruption to operations. Promote a security-first culture within the organization by leading security training and awareness programs. Engage with external partners and vendors to evaluate and integrate third-party security solutions as needed. Required Qualifications Bachelor’s degree in Computer Science, Information Technology, or a related field. Minimum of 8 years of experience in cyber security, with a focus on application security and security architecture. Proficiency in conducting threat modeling, vulnerability assessments, and security audits. Strong knowledge of security standards and protocols such as OWASP, NIST, and ISO 27001. Experience designing secure applications in cloud-based environments, with knowledge of at least one major cloud provider (AWS, Azure, GCP). Strong problem-solving skills and the ability to work under pressure to address security challenges effectively. Excellent communication skills to articulate complex security concepts to non-technical stakeholders. Certifications such as CISSP, CISM, or CEH are strongly preferred. Key Responsibilities Partner with engineering teams to enhance product security features and foster a secure software development lifecycle (SDLC). Oversee the development and implementation of security solutions to protect information systems and infrastructure from cyber threats. Conduct ongoing security research and vulnerability scans to identify and remediate potential security weaknesses. Prepare and present detailed security findings and reports to executive management, facilitating informed decision-making. Lead the security incident management process, coordinating response efforts and post-incident analyses to prevent future occurrences. Evaluate, recommend, and leverage advanced security tools and technologies to enhance security posture. Maintain compliance with relevant legal, regulatory, and organizational standards and practices.

You are looking for an experienced Java Team Lead who can demonstrate strong technical expertise and leadership skills. In this role, you will be responsible for overseeing the design, development, and deployment of Java-based applications while providing guidance and mentorship to a growing development team. With a minimum of 5 years of overall experience in Java development, including at least 2 years in a leadership role, you will be instrumental in leading the team towards successful project outcomes. Your primary responsibilities will include leading the design and implementation of Java applications, reviewing and testing code to maintain quality and performance standards, and ensuring adherence to SDLC processes and timelines in collaboration with other teams. As a Java Team Lead, you will also be tasked with providing technical mentorship to junior developers, assigning tasks effectively, and ensuring that the application's security measures comply with OWASP guidelines and industry best practices. Proficiency in Spring MVC, Spring Boot, Spring Security, JPA, Hibernate, HTML/JSP/React, and Eclipse is essential for this role, along with a strong background in SQL Server or Oracle databases. Your expertise should extend to identifying and addressing OWASP vulnerabilities, familiarity with DAST and SAST tools, and experience with security tools like Burp Suite, OWASP ZAP, and SonarQube. Additionally, knowledge of microservices architectures and cloud services (AWS, Azure, or GCP) will be advantageous in fulfilling the requirements of this position. To qualify for this role, you should hold a Bachelor's or Master's degree in Computer Science, Engineering, or a related field. If you are ready to take on this challenging yet rewarding opportunity, we look forward to considering your application.,

About Smallcase smallcase is on a mission to change how India & Indians invest. We build products & tools for individuals to invest better in stocks & ETFs and platforms & infrastructure for the industry to offer better investment products. Our user community is 6,50,000+ strong & we work with the largest financial brands in India like HDFC, Kotak, Edelweiss, IIFL & more About The Role We are seeking a passionate and proactive Security Engineer to join our team. You will play a critical role in ensuring the security of our infrastructure, applications, and overall environment. In This Role, You Will Be responsible for managing security across smallcase. Regularly check and test our applications and systems for security issues. Develop tools and practices to safeguard our applications. Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines. Track and address vulnerabilities, providing clear instructions for fixing issues. Assist in investigating, analyzing, and responding to security incidents related to applications. You Might Thrive In This Role If You Have at least 2 years of proven experience as a Security Engineer or similar role. Have practical knowledge of web application security, secure coding, threat assessment, and incident management. Understand cloud systems and how to keep them secure. Are comfortable using programming languages like Javascript, Python, or GO and familiar with security tools (e.g., Burp Suite, OWASP ZAP) and encryption techniques. Important: For the best chance of getting shortlisted, please share your Blogs, CTF writeups, or any security research publications that demonstrate your expertise and passion for security. We look forward to your application!

We are seeking an experienced Application Security Manager to lead our security initiatives and ensure the integrity, confidentiality, and availability of our systems and data. This role is crucial in safeguarding our digital assets and maintaining compliance with industry standards. The manager of the application security program Responsibilities To Integrate security tools, standards, and processes into the product life cycle (PLC). Ensure that developers and QA personnel are trained with the appropriate level of security knowledge to perform their daily activities. Improve and support application security tool deployments including static analysis and runtime testing tools and secure development standards. Conduct and manage periodic penetration testing exercises through expert consulting, internal technology team, and managed services to identify the gaps and fulfill audit/regulator requirements. Create, Integrate and manage threat modelling process/ practices, following SSDLC and application framework. Manage the secure configuration/ hardening guidelines and compliance. Should create and manage application security KPIs dashboards. Should have strong hand-on experience of different tools, processes related to SAST, DAST, API Security and Threat Modelling. Should take care of Infosec functions by coordinating with various stakeholders (App Team, Vendors, Auditors, Regulators). Should have knowledge of best practices like OWASP, Microsoft SDL, SANS, NIST. Should have a good espouser to cloud environment (AWS) and WAF (Imperva, Akamai). Knowledge of Network and Data Security is a plus. Qualifications And Experience 8-10 years of hands-on experience in application security. Strong understanding of application security best practices, frameworks, and security technologies, like Checkmarx, Fortify, Burp Suite, OWASP ZAP, Acunetix etc. Proven experience in managing VA, PT, Code review, SAST, DAST, SSDLC, Threat Modelling, and Audit processes. Familiarity with regulatory requirements and compliance standards Excellent communication, interpersonal, analytical and problem-solving skills. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Masters degree or relevant certifications preferred. (ref:hirist.tech)

Are you excited by the prospect of detecting and mitigating the latest cyber attacks? Would you enjoy safeguarding top global brands in a dynamic and engaging learning environment? Join our world class Security Operations Command Center Akamais industry-leading Security Operations Command Center (SOCC) protects various enterprises. We hand hold our security customers against real-time cyber-attacks and cyber-terrorism on daily basis. Partnering with other technical teams we detect and mitigate ongoing attacks, helping enterprises protect their online presence. We are the world leader in DDoS, web application and bot-based attack mitigation. Respond to cyber attacks in real time As Security Architect, youll engage in critical network and attack-related events for Akamais managed security customers. Help identify real time cyber-attacks, strategize & deploy mitigations while neutralizing adverse impact to the end users. As a Security Architect, you will be responsible for: Devising and engaging mitigation strategies to prevent real time attacks, using Akamai products & platform Performing advanced analysis to identify attacks and threats to customers digital properties and/or their business network Communicating with customers regarding challenges and providing updates and results on your mitigation and analysis Innovating around tooling development & product enhancement. Do what you love To be successful in this role you will: Need to have 2+ relevant industry experience on Akamai Platform OR networking OR Web application Security Demonstrate knowledge of how the internet works, including, DNS. HTTP, Suite of IP Protocols Show knowledge of common OWASP top 10 and how they relate to internet services compromise or attacks Need to demonstrate excellent verbal & written communication skills and excellent collaboration & team work. Have passion and ability to learn new tools and technologies and problem solving. Work in a way that works for you Learn what makes Akamai a great place to work Connect with us on social and see what life at Akamai is like! We power and protect life online, by solving the toughest challenges, together. At Akamai, were curious, innovative, collaborative and tenacious. We celebrate diversity of thought and we hold an unwavering belief that we can make a meaningful difference. Our teams use their global perspectives to put customers at the forefront of everything they do, so if you are people-centric, youll thrive here. Working for you At Akamai, we will provide you with opportunities to grow, flourish, and achieve great things. Our benefit options are designed to meet your individual needs for today and in the future. We provide benefits surrounding all aspects of your life: Your health Your finances Your family Your time at work Your time pursuing other endeavors Our benefit plan options are designed to meet your individual needs and budget, both today and in the future. About us Join us Are you seeking an opportunity to make a real difference in a company with a global reach and exciting services and clients? Come join us and grow with a team of people who will energize and inspire you! #LI-Remote

About The Role We are seeking a passionate and proactive Security Engineer to join our team. You will play a critical role in ensuring the security of our infrastructure, applications, and overall environment. What You’ll Do Be responsible for managing security across smallcase Regularly check and test our applications and systems for security issues. Develop tools and practices to safeguard our applications. Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines. Track and address vulnerabilities, providing clear instructions for fixing issues. Assist in investigating, analyzing, and responding to security incidents related to applications. We’re Looking for Have at least 2 years of proven experience as a Security Engineer or similar role Have practical knowledge of web application security, secure coding, threat assessment, and incident management Understand cloud systems and how to keep them secure. Are comfortable using programming languages like Javascript, Python, or GO and familiar with security tools (e.g., Burp Suite, OWASP ZAP) and encryption techniques. About Smallcase At smallcase, we are changing how India invests. smallcase is a leading provider of investment products & platforms to over 10 million Indians. We're a young, driven team of 250+ headquartered in Bangalore. smallcase was founded in July 2015 by three IIT Kharagpur graduates, Vasanth Kamath, Anugrah Shrivastava and Rohan Gupta. smallcase has been focused on offering innovative investing experiences & technology. Our platforms are used by over 300 of India's largest financial brands and most respected institutions. We are backed by world-class investors including top-tier funds, institutions and operators from the capital markets space who believe in our mission of enabling better financial futures for every Indian. Life at smallcase We are not just building a business, we are making a long-lasting impact both in the wealth & assets landscape with our unique technology & expanding ecosystem. Over the last 9 years, our team, products, and platforms have grown and so have our ambitions. Innovation remains at the heart of what we do. Our other core values are transparency, integrity & long-term thinking. Our key asset has always been our people, and we empower individuals to build and do some of the best work in their lifetimes at smallcase. Flexibility, ownership and constant feedback loops are some of the ways we keep evolving the working environment. Skills: secure coding,encryption,web application security,burp suite,go,python,encryption techniques,cloud,aws,owasp,security,scripting,bash,application security,platforms,javascript,programming,incident management,incident,threat assessment,owasp zap,go (golang)

About the Company: Crenovent Technologies is the developer of RevAi Pro — an AI-native revenue operations platform that brings together pipeline visibility, forecasting governance, AI-driven meeting intelligence, and CRM + communication integration. The platform serves large software, BFSI, and insurance companies with advanced automation and governance capabilities. Role Overview: We are hiring a Senior QA Automation Engineer to take end-to-end ownership of testing and quality assurance for our RevAi Pro platform. You will be responsible for developing and maintaining the automation test suite, validating our complex workflows, enforcing governance policies in test environments, and ensuring high confidence in every release. Key Responsibilities: Design and implement automation test suites using Cypress, Playwright, or Selenium. Build and maintain API test libraries using Postman, REST Assured, or Newman. Validate role-based access control (RBAC) and row-level security (RLS) functionality across multi-tenant user hierarchies. Automate core workflows including OrgImport, Cruxx task routing, Forecast module, and AI agent triggers. Integrate testing pipelines into GitHub Actions or Azure DevOps for pre-merge checks, ring-based rollouts, and regression runs. Create and maintain a traceability matrix mapping user stories to test cases and coverage reports. Perform non-functional testing including performance (using k6), accessibility (WCAG 2.1 with axe-core), and basic security scanning (OWASP ZAP, Trivy). Build test cases for CRM integration flows involving Salesforce, HubSpot, and Microsoft Teams with OAuth, webhook replay, and sync drift validation. Simulate AI-based workflows from meeting summary to Cruxx creation to governance-triggered escalations. Own regression coverage across modules including Action Center, Dashboard views, Compensation Planning, and Agent Orchestration. Provide reliable test data and stable test environments for feature development and UAT. Requirements: Minimum 5 years experience in quality engineering with at least 3 years in automation roles. Hands-on experience with Cypress or Playwright for UI automation. Strong API testing skills using Postman or REST Assured. Deep understanding of access control models (RBAC/RLS) and multi-tenant SaaS architecture. Experience with continuous integration pipelines and automated testing workflows. Clear communication, strong analytical thinking, and meticulous attention to edge cases and regression risks. Proven ability to build stable and scalable automated test frameworks across frontend, backend, and integration boundaries. Preferred Qualifications: Experience testing AI/ML-based workflows or LLM-driven product flows. Familiarity with CRM schema (Salesforce, HubSpot, Zoho) and communication platforms (Teams, Gmail). Knowledge of feature flag testing and progressive delivery. Exposure to infrastructure-level testing (Terraform plan validation, Kubernetes health). Tools and Technologies Used: Cypress, Playwright, Selenium Postman, REST Assured, Newman GitHub Actions, Azure DevOps Jira, Xray/Zephyr k6, axe-core, OWASP ZAP Mixpanel, Grafana, Sentry Success Metrics: ≥ 90% regression coverage across core workflows < 0.1 escaped critical bugs (P1/P2) per month ≥ 20 test stories automated per sprint 95%+ pipeline reliability across CI/CD stages

About Apply Digital Apply Digital is a global experience transformation partner. We drive AI-powered change and measurable impact across complex, multi-brand ecosystems. Leveraging expertise that spans across the customer experience lifecycle from strategy, design to engineering and beyond, we enable our clients to modernize their organizations and maximize value for their business and customers. Our 750+ team members have helped transform global companies like Kraft Heinz, NFL, Moderna, Lululemon, Dropbox, Atlassian, A+E Networks, and The Very Group. Apply Digital was founded in 2016 in Vancouver, Canada. In the past nine years, we have grown to ten cities across North America, South America, the UK, Europe, and India. At Apply Digital, we believe in the “ One Team ” approach, where we operate within a ‘pod’ structure. Each pod brings together senior leadership, subject matter experts, and cross-functional skill sets, all working within a common tech and delivery framework. This structure is underpinned by well-oiled scrum and sprint cadences, keeping teams in step to release often and retrospectives to ensure we progress toward the desired outcomes. Wherever we work in the world, we envision Apply Digital as a safe, empowered, respectful and fun community for people, every single day. Together, we work to embody our SHAPE (smart, humble, active, positive, and excellent) values and make Apply Digital a space for our team to connect, grow, and support each other to make a difference. Visit our Careers page to learn how we can unlock your potential. LOCATION: Apply Digital is a hybrid friendly organization with remote options available if needed. The preferred candidate should be based in (or within a location commutable to) the Delhi/NCR region of India , working in hours that have an overlap with the Eastern Standard Timezone (EST). About The Client In your initial role, you will support Kraft Heinz, a global, multi-billion-dollar leader in consumer packaged foods and a valued client of ours for the past three years. Apply Digital has a bold and comprehensive mandate to drive Kraft Heinz’s digital transformation . Through implementable strategies, cutting-edge technology, and data-driven innovation we aim to enhance consumer engagement and maximize business value for Kraft Heinz. Our composable architecture, modern engineering practices, and deep expertise in AI, cloud computing, and customer data solutions have enabled game-changing digital experiences. Our cross-functional team has delivered significant milestones, including the launch of the What's Cooking App, the re-building of 120+ brand sites in over 20 languages, and most recently, the implementation of a robust Customer Data Platform (CDP) designed to drive media effectiveness. Our work has also been recognized internationally and has received multiple awards . While your work will start with supporting Kraft Heinz, you will also have future opportunities to collaborate with the global team on other international brands. THE ROLE: Apply Digital is looking for a Senior Backend Engineer to join our globally distributed team. You’ll be a key contributor in a fast-paced environment, building scalable APIs and services using TypeScript and NestJS, with infrastructure on Google Cloud Platform. This role is part of our India-based engineering team that collaborates closely with teams in North and Latin America on digital experience platforms built with a modern Composable architecture. You’ll bring a mix of deep technical expertise, strong communication skills, and a desire to mentor. This is a senior-level hands-on IC role, ideal for someone who thrives in distributed teams and knows how to make thoughtful architecture decisions while still shipping high-quality code. Strong English language proficiency and experience working with remote teams across North America and Latin America are required, as this role requires clear communication and coordination across distributed teams. What You'll do: Design and implement high-quality, test-driven, scalable backend code for various client projects using TypeScript and Nest.js Develop and maintain APIs to support consuming teams. Work closely with frontend teams to optimize REST API integrations, ensuring efficient data fetching and caching strategies. Create and maintain documentation, implement and follow best practices for development workflow. Collaborate effectively with team members to meet project deadlines. Contribute innovative ideas to ensure we deliver the best solutions for our clients. Stay updated on technology trends and continually enhance your skill set. What We're looking for: Strong proficiency in English (written and verbal communication) is required. Experience working with remote teams in North America and Latin America, ensuring smooth collaboration across time zones. Deep expertise with TypeScript and NestJS framework. Experience with authentication workflows and authorization mechanisms (OAuth, JWT). Experience with testing frameworks and best practices, including unit testing, integration testing, and e2e testing. Solid understanding of web technologies in general. Solid understanding of backend design patterns. Experience with designing applications that use and consume databases (SQL, ORM, etc). Extensive experience with building and maintaining versioned APIs. Strong knowledge of GCP or other equivalent cloud platforms. Understanding of containerization technologies for development environments. Experience with messaging systems and patterns, ideally with tools like Google Pub/Sub or equivalent. Experience with CI/CD pipelines for deployments (GitHub Actions preferred). Knowledge of security best practices, including CSP and OWASP Top 10. Ability to communicate effectively with technical and non-technical stakeholders, comfortable explaining technical concepts in simple terms. Experience working in fast-paced, Agile environments, balancing priorities across multiple projects. Nice to Haves: Experience with Algolia, Ninetailed, and Salsify. Experience with front-end technologies like React and frameworks like NextJs. Experience with Terraform. Certification in Cloud Development on any modern platform. LIFE AT APPLY DIGITAL At Apply Digital, people are at the core of everything we do . We value your time, safety, and health, and strive to build a work community that can help you thrive and grow. Here are a few benefits we offer to support you: Location: Apply Digital is a hybrid friendly organization with remote options available if needed. The preferred candidate should be based in (or within a location commutable to) Delhi/NCR, with the ability to overlap with the US/NA times zones when required. Comprehensive Benefits: benefit from private healthcare coverage, contributions to your Provident fund, and a gratuity bonus after five years of service. Vacation policy: work-life balance is key to our team’s success, so we offer flexible personal time offer (PTO); allowing ample time away from work to promote overall well-being. Great projects: broaden your skills on a range of engaging projects with international brands that have a global impact. An inclusive and safe environment: we’re truly committed to building a culture where you are celebrated and everyone feels welcome and safe. Learning opportunities: we offer generous training budgets, including partner tech certifications, custom learning plans, workshops, mentorship, and peer support. Apply Digital is committed to building a culture where differences are celebrated, and everyone feels welcome. That’s why we value equal opportunity and nurture an inclusive workplace where our individual differences are recognized and valued. For more information, visit our website’s Diversity, Equity, and Inclusion (DEI) page. If you have special needs or accommodations at this stage of the recruitment process, please inform us as soon as possible by emailing us at careers@applydigital.com .

Engineering Manager - MERN Stack Location: Mumbai, Pune & Bengaluru/ Hybrid (Mon- Fri) About the Role : We're seeking a dynamic and technically strong Engineering Manager to lead, grow, and inspire our high-performing engineering team. In this role, you?ll drive technical strategy, deliver scalable systems, and ensure SolarSquare's platforms continue to delight users at scale. You'll combine hands-on technical expertise with a passion for mentoring engineers, shaping culture, and collaborating across functions to bring bold ideas to life in a fast-paced startup environment. Responsibilities : Lead and manage a team of full stack developers (SDE1 to SDE3), fostering a culture of ownership, technical excellence, and continuous learning. Drive the technical vision and architectural roadmap for the MERN stack platform, ensuring scalability, security, and high performance. Collaborate closely with product, design, and business teams to align engineering priorities with business goals and deliver impactful products. Ensure engineering best practices across code reviews, testing strategies, and deployment pipelines (CI/CD). Implement robust observability and monitoring systems to proactively identify and resolve issues in production environments. Optimize system performance and cost-efficiency in cloud infrastructure (AWS, Azure, GCP). Manage technical debt effectively, balancing long-term engineering health with short-term product needs. Recruit, onboard, and develop top engineering talent, creating growth paths for team members. Drive delivery excellence by setting clear goals, metrics, and expectations, and ensuring timely execution of projects.Advocate for secure coding practices and compliance with data protection standards (e.g., OWASP, GDPR). Requirements : 8-12 years of experience in full stack development, with at least 2+ years in a technical leadership or people management role. Proven expertise in the MERN stack (MongoDB, Express.js, React.js, Node.js) and strong understanding of distributed systems and microservices. Hands-on experience designing and scaling high-traffic web applications. Deep knowledge of cloud platforms (AWS, Azure, GCP), containerization (Docker), and orchestration tools (Kubernetes). Strong understanding of observability practices and tools (Prometheus, Grafana, ELK, Datadog) for maintaining production-grade systems. Track record of building and leading high-performing engineering teams in agile environments. Excellent communication and stakeholder management skills, with the ability to align technical efforts with business objectives. Experience with cost optimization, security best practices, and performance tuning in cloud-native environments. Bonus: Prior experience in established Product companies or experience with scaling teams in early stage startup and designing systems from scratch. Work Arrangement Flexible work setup, including hybrid options. Monday to Friday.

Job Location: Hyderabad Job Type: Full-time Experience Required: Over 5 years of total experience, including 3+ years of hands-on experience in ReactJS, JavaScript, and 1+ Sprint Planning year of NodeJS. Immediate Joiner only We are seeking candidates who are available to join immediately. Job Description: We are looking for a skilled Frontend Developer with strong expertise in ReactJS, JavaScript, and NodeJS. The ideal candidate will be responsible for designing, developing, and maintaining high- performance web applications, ensuring seamless user experiences across different platforms. Prior experience working in SaaS-based companies is highly preferred Key Responsibilities: - Develop, test, and maintain front-end applications using React (mandatory: 3+ years) and NodeJS (mandatory: 1+ year). - Work with JavaScript, TypeScript, HTML5, and CSS3 to build responsive and scalable web applications. - Collaborate with backend developers to integrate NodeJS-based APIs. - Ensure cross-browser compatibility and optimize performance. - Implement UI/UX designs and enhance user interactions. - Debug and troubleshoot issues to improve application performance and usability. - Work in an Agile/Scrum environment and actively participate in daily stand-ups. - Stay updated with the latest trends and technologies in front-end development. Required Skills & Qualifications: Mandatory: - Strong knowledge of ReactJS and its ecosystem. - Proficiency in JavaScript (ES6+), TypeScript, HTML5, CSS3, and SASS/SCSS. - Hands-on experience with NodeJS for API integration. - OWASP Knowledge is mandatory - Experience with state management libraries like Redux or NgRx. - Knowledge of RESTful APIs, authentication mechanisms (OAuth, JWT, etc.), and web security best practices. - Experience with any unit testing framework is required. - Experience with version control systems like Git. - Understanding CI/CD pipelines and deployment processes. - Strong problem-solving and debugging skills. - Excellent communication and teamwork skills. Preferred Skills (Nice to Have): - Experience with modern UI frameworks such as Material UI, Bootstrap, or Tailwind CSS. - Familiarity with testing frameworks like Jest, Mocha, or Jasmine. - Experience working with cloud platforms like AWS, Azure, or Google Cloud. - Understanding of Microservices architecture and containerization (Docker, Kubernetes). Educational Qualification: Bachelor's/master's degree in computer science, Information Technology, or related field. Job Type: Full-time Pay: ₹500,000.00 - ₹1,600,000.00 per year Experience: UI development: 5 years (Preferred) React: 4 years (Preferred) Node.js: 3 years (Preferred) Work Location: In person

🚨 We’re Hiring | Penetration Tester 🔐 Join a leading German multinational that’s at the forefront of cybersecurity innovation! We’re on the lookout for a talented and passionate Penetration Tester to help us strengthen our global security posture. 🛡️ Role : Penetration Tester 📍 Location : Pune 🕒 Experience : 5 to 8 Years 📅 Joining : Immediate Joiners only Job Profile for Penetration Tester: Vulnerability Assessment: Identifying & Exploiting Vulnerabilities in Applications (Including Web App), Networks, & Infrastructure. Mobile App Pen Test: Identify Vulnerabilities & Weaknesses in Mobile Applications (Android & iOS Platform) to Protect against Attacks. Simulate Real-World Attacks to find Entry Points & Assess the Security of Mobile Apps, Advising on Security Measures & Remediation Strategies. Penetration Testing: Performing Simulated attacks to Test the Security of Systems & Identify Weaknesses Reporting: Documentation of Findings, including the Identified Vulnerabilities, Level of Risk, & Recommendations for Remediation. Collaboration: Working with Stakeholders to Implement Security Improvements. Staying Up-to-Date: Keeping abreast of the latest Security Threats & Vulnerabilities Validation: Confirming that Security Improvements have been Implemented Effectively Solid understanding of OWASP Top 10, MITRE ATT&CK, and other security frameworks. Proficient in tools such as Burp Suite, Metasploit, Nmap, Nessus, Wireshark, and others. Skills: Web App Pen Test, Network Pen Test, Mobile App Pen Test Solid Understanding of OWASP Top 10, MITRE ATT&CK, & other Security Frameworks. Tool Expertise: Burp Suit Tenable Web App Scanning Nessus Professional/Expert Metasploit, Nmap, Wireshark, & others. Certification: CEH, OSCP #PenetrationTesting #CyberSecurityJobs #EthicalHacking #InfoSec #HiringNow #OSCP #CEH #SecurityAnalyst #CyberSecurityCareers

We are in to Manufacturing, distribution Electronic Security System Like (CCTV Camera, , PA system, Cables ) We are seeking a detail-oriented Software Engineer to conduct of CCTV system software, firmware, and embedded modules. The role requires identifying vulnerabilities, backdoors, and coding issues in surveillance applications, camera firmware, and related embedded systems. The engineer will collaborate with development and security teams to ensure the integrity, security, and performance of CCTV software components. Key Responsibilities: Source Code Analysis: - Review source code for CCTV software including camera firmware, video management systems (VMS), and SDKs. - Identify security flaws, deprecated functions, and logical vulnerabilities. - Ensure adherence to secure coding standards (e.g., OWASP, MISRA C). Security & Compliance: - Evaluate embedded code for hardcoded credentials, insecure protocols, or buffer overflows. - Assist in achieving compliance with standards such as ISO/IEC 27001, GDPR, etc. - Support secure firmware development lifecycle. Documentation & Reporting: - Prepare reports on code quality, vulnerabilities, and security risks. - Document recommended fixes, patches, and architectural improvements. - Track and validate resolution of identified issues. Collaboration & Support: - Work with R&D, DevOps, and QA teams for code remediation. - Participate in security audits and penetration testing planning. - Provide technical guidance on secure coding practices. Qualifications: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related discipline. 3–6 years of experience in software development and source code review, preferably in embedded or surveillance systems. Required Skills: - Strong proficiency in C/C++, Python, or embedded Linux development. - Experience with CCTV/VMS software, RTSP protocols, and camera SDKs. - Familiarity with static and dynamic code analysis tools (e.g., SonarQube, Coverity, Fortify). - Understanding of secure coding guidelines and software lifecycle models. Preferred Skills: -Knowledge of firmware reverse engineering and binary analysis. - Exposure to real-time operating systems (RTOS), IoT, or surveillance camera platforms. - Experience in vulnerability assessment and CVE analysis. Certifications (Optional): - CEH (Certified Ethical Hacker) - CSSLP (Certified Secure Software Lifecycle Professional) - OSCP or equivalent penetration testing certification Website: www.aditgroup.com Corporate Video Link : https://www.youtube.com/watch?v=dn0UbRYpuBI&t=47s Contact Person : Ashish Lodha Email id: hr@aditgroup.com Contact No: 9099962720 Address: D-405, Abhishek Complex & Estate -1, New Civil Hospital Road, Ahmedabad Job Type: Full-time Pay: ₹40,000.00 - ₹80,000.00 per month Benefits: Cell phone reimbursement Health insurance Internet reimbursement Provident Fund Schedule: Day shift Supplemental Pay: Commission pay Application Question(s): What is Your Current and Expected CTC ? What is your notice period ? What is your based location ? Experience: Software Development for Surveillance Product: 4 years (Required) Work Location: In person

Role: Sr. QA Analyst Employment: Full Time Experience: 10 To 15 Years Salary: Not Disclosed Location: Jaipur, India Programmers.IO is currently looking to hire Sr. QA Analyst on Database Testing, API Testing, Performance Testing, Security & Penetration Testing, Technology. If you think you are a good fit and willing to work from Jaipur, India location.Please apply with you resume or share your resume at anjali.shah@programmers.io Experience Required: 10 to 15 Years Job Overview : The Sr. QA Analyst will primarily focus on testing web application, microservices, API’s and backend testing. He/she will contribute to ensuring the quality delivery of the system. The ideal candidate will play a crucial role in ensuring the quality and reliability of our software products by conducting thorough testing and validation processes. Preferred Skills : Must have 8+ years of well-rounded quality assurance testing experience Must have 3+ years of database testing experience Must have 3+ years of API testing experience using Postman Nice to have: 3+ years of Performance testing experience using Jmeter Nice to have: 3+ years of Automation testing experience using Selenium Nice to have: 3+ years of Security and Penetration testing experience using BurpSuite, OWASP ZAP or any other tools (Nice to have) 1+ year of experience with AI tools Responsibilities: Participate in all aspects of the software development life cycle and Agile ceremonies. Perform various types of testing including Unit, integration and Regression, DB validation, system testing as needed Collaborate with cross-functional teams to understand project requirements and develop comprehensive test plans. Execute testing procedures to identify software defects and ensure adherence to quality standards. Perform Backend validation for data completeness/correctness and performance verification. Work closely with developers to reproduce and debug issues, providing detailed information for resolution. Perform regression testing to guarantee the stability of existing functionality after code changes. Create and maintain detailed test documentation, including test cases, test scripts, and test reports. Gathers non-functional requirements to verify application performance Defines performance test scenarios and workflows to be tested and associate load profiles to ensure application performance Collaborate with the automation team to identify opportunities for test automation and contribute to automated test scripts. Stay current with industry best practices and incorporate them into our testing processes. Ensure that the final product satisfies the product requirements and meet end-user expectations Qualifications Bachelor's degree in Computer Science, Information Technology, or related field or equivalent work experience (preferred) Experience with both Agile/Scrum and Waterfall system development life cycle methodologies Excellent communication skills, both written and verbal, with the ability to effectively collaborate with cross-functional teams. Must be proficient in both Manual and hands-on Automated testing Working knowledge of test management software (integrated with Jira) Web application testing, including verification of user experience • Must have experience writing efficient SQL queries • Familiarity with Agile/SCRUM and the software testing life cycle Familiarity with test automation tools and the ability to contribute to automated test scripts is a plus. Perform controlled and methodological attempts to exploit identified vulnerabilities, simulating real world attacks. Manual Pen testing. • Ability to work independently with little supervision or guidance • Ability to multi-task and change directions as requirements and priorities change Strong analytical, problem-solving, and follow up-skills Team player with the ability to communicate effectively both verbally and in writing to all organizational levels Ability to meet tight deadlines for deliverables • Must foster an inclusive work environment and respect all aspects of diversity; must demonstrate and value differences in others' strengths, perspectives, approaches, and personal choices • Comfort in engaging with senior-level business leadership as well as software development staff Ability to work well in a deadline-driven team environment. Skills and Knowledge: Database Testing, API Testing, Performance Testing, Security & Penetration Testing,

Profile: Cybersecurity Application Security Consultant - DevSecOps Company: Digital Defense Position Type: Permanent Location: Bhopal, Madhya Pradesh, India Salary: ₹50,000 INR per month About the Role Digital Defense is seeking a highly motivated and skilled Cybersecurity Application Security Consultant with expertise in DevSecOps practices to join our growing team in Bhopal. This is a permanent position where you will play a crucial role in integrating security into every phase of the Software Development Life Cycle (SDLC), from design to deployment and operations. You will work closely with development, operations, and QA teams to ensure our applications are secure by design and by default. Key Responsibilities Security Integration: Integrate security tools and processes into CI/CD pipelines (DevSecOps) to automate security testing, vulnerability scanning, and compliance checks. Application Security Testing: Conduct various application security tests, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Software Composition Analysis (SCA). Vulnerability Management: Identify, analyze, and prioritize security vulnerabilities in applications and provide actionable recommendations for remediation. Security Architecture Review: Participate in the design and architecture reviews of new and existing applications to identify potential security risks and recommend secure design patterns. Threat Modeling: Perform threat modeling exercises to identify potential threats and vulnerabilities early in the development lifecycle. Security Best Practices: Advocate for and implement secure coding guidelines, industry standards (e.g., OWASP Top 10, SANS Top 25), and security best practices within development teams. Security Training & Awareness: Provide guidance and training to development teams on secure coding practices and application security principles. Incident Response Support: Assist in the investigation and resolution of application security incidents. Documentation: Maintain comprehensive documentation of security findings, remediation efforts, and security policies. Required Skills and Qualifications Education: Bachelor's degree or Engineer in Computer Science, Information Technology, Cybersecurity, or a related field. Experience: Proven experience (e.g., 3+ years) in application security, with a strong focus on DevSecOps principles and practices. Development Experience: Practical experience in software development, understanding the full development lifecycle. Technical Proficiency: Strong understanding of web application security vulnerabilities (OWASP Top 10) and secure coding practices. Experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Nessus, SonarQube, Checkmarx, Fortify). Familiarity with CI/CD tools (e.g., Jenkins, GitLab CI/CD, Azure DevOps, GitHub Actions, samgrep, open grep). Proficiency in at least one scripting language (e.g., Python, Bash) for automation. Understanding of cloud security principles (AWS, Azure, GCP) is a plus. Knowledge of containerisation technologies (Docker, Kubernetes) and their security implications. DevSecOps Mindset: A strong understanding of how to embed security into agile and DevOps methodologies. Communication: Excellent written and verbal communication skills, with the ability to explain complex security concepts to technical and non-technical stakeholders. Problem-Solving: Strong analytical and problem-solving skills with a keen eye for detail. Preferred Qualifications Engineering in Computer Science or Cybersecurity Relevant industry certifications, including CEH, OSCP, Offensive Security Web Application certifications. Experience with security frameworks and compliance standards (e.g., ISO 27001, NIST, GDPR). Familiarity with various programming languages (e.g., Java, .NET, Python, Node.js).

We’re Hiring: Senior Software Engineer – Java 27270 📍 Location: Pune (Hybrid – 3 days/week from Yerwada office) 🕒 Shift Timing: 9 AM – 5 PM IST 📅 Notice Period: Immediate to 30 days (Strictly enforced) Role Overview As a Senior Java Engineer , you’ll work on high-performance systems that power next-gen financial platforms. You’ll join a fast-paced agile team and contribute to architecture, development, and delivery of scalable enterprise applications using Java, Spring Boot, Kafka, and cloud technologies. ✅ Must-Have Skills & Experience 8+ years of Java development experience in enterprise domains Java 8 or 11 (must have hands-on with lambda, Streams, CompletableFuture) 4+ years with Microservices, Spring Boot, and Hibernate 3+ years working with RESTful APIs 2+ years hands-on with Kafka in current/ongoing project 1+ years with AWS (preferred) or any cloud platform Strong proficiency in SQL Solid understanding of CI/CD pipelines and deployment processes Experience in at least one project in the FinTech domain 💡 Nice-to-Haves Familiarity with GRPC, HTTP/2, OAuth, OWASP, or encryption Understanding of Agile delivery Good communication and team collaboration skills Skills: software,ci/cd,restful apis,java,spring,aws,microservices,sql,hibernate,spring boot,agile,kafka,boot,cloud

Cloud & Compliance Security Specialist (4–6 Years Experience) Job Title: Cloud & Compliance Security Specialist Experience Required: 4–6 Years Location: Noida Job Type: Full-Time Department: Cyber Security Reporting to: Head/CISO Cyber Security. Role Overview: We are seeking a highly experienced and detail-oriented Cloud & Compliance Security Specialist to join our cybersecurity team. The ideal candidate will have a strong background in Governance, Risk, and Compliance (GRC), security technologies, and reporting/documentation. This role demands a strategic thinker with hands-on expertise in securing cloud environments across Various Cloud platforms. Key Responsibilities: 1. Security Technology & Operations – 50% · Design and implement cloud-native security controls and architectures (e.g., IAM, encryption, firewalls, WAFs, SIEM, CSPM, CWPP). · Monitor and respond to cloud security incidents using industry-standard tools and platforms for threat detection and analysis. · Integrate DevSecOps practices into CI/CD pipelines to ensure secure code deployment. · Perform threat modeling, vulnerability assessments, and penetration testing of cloud infrastructure. · Collaborate with DevOps and IT teams to ensure secure configuration and hardening of cloud resources. 2. Governance, Risk & Compliance (GRC) – 35% · Develop, implement, and maintain overall organizational security policies, standards, and procedures including Cloud security aligned with industry frameworks (e.g., ISO 27001, NIST, CIS, CSA). · Conduct risk assessments and cloud security audits to identify gaps and recommend mitigation strategies. · Ensure compliance with regulatory requirements such as DPDP, GDPR, HIPAA, PCI-DSS, and local data protection laws. · Collaborate with internal audit and legal teams to manage third-party risk assessments and vendor security reviews. · Lead security awareness and training programs across the organization. 3. Reporting & Documentation – 15% · Prepare detailed security reports, dashboards, and metrics for executive leadership and stakeholders. · Maintain comprehensive documentation of cloud security architecture, incident response plans, and audit findings. · Track and report on remediation efforts and risk mitigation progress. · Support internal and external audits with accurate and timely documentation. Required Skills & Qualifications: Bachelor’s or Master’s degree in Computer Science, Information Security, or related field. 4–6 years of experience in cybersecurity with at least 4 years in cloud security. Strong knowledge of AWS, Azure, and/or GCP security services. Hands-on experience with security tools: Next Gen Firewalls, SIEM, WAF, CSPM, EDR, etc. Hands-on experience with DevSecOps, container security (Kubernetes, Docker), and Infrastructure as Code (Terraform, CloudFormation). Hands-on experience with various VA/PT tools including open source like OpenVas/OWASP Zap/Veracode/Nessus/Qualys etc. Certifications (Preferred): Cloud Security: CCSP, AWS Security Specialty, Azure Security Engineer Associate, GCP Professional Cloud Security Engineer (any one of them) General Security & Compliance: CISA/ISO 27001 Lead Implementer/Auditor (any one of them)

Required Skills & Experience: Hands-on experience in: Web Application Penetration Testing Network Penetration Testing Mobile Application Penetration Testing (Android & iOS) Strong knowledge of: OWASP Top 10 MITRE ATT&CK Other industry-recognized security frameworks Ability to simulate real-world attacks using both manual and automated tools. Experience in identifying, analyzing, and remediating vulnerabilities across diverse platforms. Tools Expertise: Burp Suite Nessus (Professional/Expert) Tenable Web App Scanning Metasploit Nmap Wireshark Additional tools for network and mobile testing as required

Job Title: Sr. QA Analyst Location: Remote Job Type: Full-Time . Exp required - 8 years + Working Hours: 1:30pm to 10 pm IST Hours daily. Job Overview: The Sr. QA Analyst will primarily focus on testing web application, microservices, API’s and backend testing. He/she will contribute to ensuring the quality delivery of the system. The ideal candidate will play a crucial role in ensuring the quality and reliability of our software products by conducting thorough testing and validation processes. Preferred Skills: • Must have 8+ years of well-rounded quality assurance testing experience • Must have 3+ years of database testing experience • Must have 3+ years of API testing experience using Postman • Nice to have: 3+ years of Performance testing experience using Jmeter • Nice to have: 3+ years of Automation testing experience using Selenium • Nice to have: 3+ years of Security and Penetration testing experience using BurpSuite, OWASP ZAP or any other tools • (Nice to have) 1+ year of experience with AI tool Please share your resume at Akhila.kadudhuri@programmers.io with current CTC, expected CTC, and notice period. details.

Job Title: Sr. QA Analyst Location: Remote Job Type: Full-Time . Exp required - 8 years + Working Hours: 1:30pm to 10 pm IST Hours daily. Job Overview: The Sr. QA Analyst will primarily focus on testing web application, microservices, API’s and backend testing. He/she will contribute to ensuring the quality delivery of the system. The ideal candidate will play a crucial role in ensuring the quality and reliability of our software products by conducting thorough testing and validation processes. Preferred Skills: • Must have 8+ years of well-rounded quality assurance testing experience • Must have 3+ years of database testing experience • Must have 3+ years of API testing experience using Postman • Nice to have: 3+ years of Performance testing experience using Jmeter • Nice to have: 3+ years of Automation testing experience using Selenium • Nice to have: 3+ years of Security and Penetration testing experience using BurpSuite, OWASP ZAP or any other tools • (Nice to have) 1+ year of experience with AI tool Please share your resume at Akhila.kadudhuri@programmers.io with current CTC, expected CTC, and notice period. details.